Inside ICANNWatch  
Submit Story
Lost Password
Site Messages
Top 10 Lists
Latest Comments
Search by topic

Our Mission
ICANN for Beginners
About Us
How To Use This Site
Slash Tech Info
Link to Us
Write to Us

  Useful ICANN sites  
  • ICANN itself
  • Bret Fausett's ICANN Blog
  • Internet Governance Project
  • UN Working Group on Internet Governance
  • Karl Auerbach web site
  • Müller-Maguhn home
  • UDRPinfo.com;
  • UDRPlaw.net;
  • CircleID;
  • LatinoamerICANN Project
  • ICB Tollfree News

  •   At Large Membership and Civil Society Participation in ICANN  
  • icannatlarge.com;
  • Noncommercial Users Constituency of ICANN
  • NAIS Project
  • ICANN At Large Study Committee Final Report
  • ICANN (non)Members page
  • ICANN Membership Election site

  • ICANN-Related Reading
    Browse ICANNWatch by Subject

    Ted Byfied
    - ICANN: Defending Our Precious Bodily Fluids
    - Ushering in Banality
    - ICANN! No U CANN't!
    - roving_reporter
    - DNS: A Short History and a Short Future

    David Farber
    - Overcoming ICANN (PFIR statement)

    A. Michael Froomkin
    - When We Say US™, We Mean It!
    - ICANN 2.0: Meet The New Boss
    - Habermas@ discourse.net: Toward a Critical Theory of Cyberspace
    - ICANN and Anti-Trust (with Mark Lemley)
    - Wrong Turn in Cyberspace: Using ICANN to Route Around the APA & the Constitution (html)
    - Form and Substance in Cyberspace
    - ICANN's "Uniform Dispute Resolution Policy"-- Causes and (Partial) Cures

    Milton Mueller
    - Ruling the Root
    - Success by Default: A New Profile of Domain Name Trademark Disputes under ICANN's UDRP
    - Dancing the Quango: ICANN as International Regulatory Regime
    - Goverments and Country Names: ICANN's Transformation into an Intergovernmental Regime
    - Competing DNS Roots: Creative Destruction or Just Plain Destruction?
    - Rough Justice: A Statistical Assessment of the UDRP
    - ICANN and Internet Governance

    David Post
    - Governing Cyberspace, or Where is James Madison When We Need Him?
    - The 'Unsettled Paradox': The Internet, the State, and the Consent of the Governed

    Jonathan Weinberg
    - Sitefinder and Internet Governance
    - ICANN, Internet Stability, and New Top Level Domains
    - Geeks and Greeks
    - ICANN and the Problem of Legitimacy

    Highlights of the ICANNWatch Archive
    (June 1999 - March 2001)

    This discussion has been archived. No new comments can be posted.
    Anonymous ICANNwatch Messages Considered Harmful? | Log in/Create an Account | Top | 65 comments | Search Discussion
    Click this button to post a comment to this story
    The options below will change how the comments display
    Check box to change your default comment view
    The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
    Moving the root servers to the edge
    by Anonymous on Monday June 07 2004, @05:07PM (#13719)
    Here are the 13 public-domain root server addresses.

    Here are the /24 sub-nets from the above. Note: You just place a zero at the far right. The 13 sub-nets above then supply a large number of resources to the DHCP server to hand out individual addresses. The single addresses for the root servers are not part of the DHCP allocations. They get aliased on to one (or more) local server that knows about all of the TLD servers. All of the root server traffic then becomes routed locally. It never leaves the physical location or country. For third-world countries where band-width is expensive, serving the root server traffic locally saves a lot of money and frees up band-width.

    Rather than use 10.*.*.* or 192.168.*.* for fire-walled networks, it is better to use real IP addresses. The major carriers are starting to use addresses like 10.*.*.* for internal network fabric addressing. In many respects, this is a reversal, the 10.*.*.* addresses, once used at the edge are now moved to the core and the public-domain root server sub-nets, once viewed as being at the center, are now any-casted in millions of locations around the edge.

    [ Reply to This | Parent ]
    Moving the root servers to the edge by Anonymous
    Re:Moving the root servers to the edge
    by Anonymous on Monday June 07 2004, @05:09PM (#13720)
    #&nbsp ;   Find the IPv4 Address of the up-stream end of the DSL or Cable
    ifconfig ppp0 | grep "inet addr:" | sed -e's/^.*inet addr://' | sed -e's/ .*$//' >${TMP}/inetaddr.txt
    ifconfig ppp0 | grep P-t-P | sed -e's/^.*P-t-P://' | sed -e's/ .*$//' >${TMP}/ptpaddr.txt
    GATEWAY=`cat ${TMP}/ptpaddr.txt`
    #    Find the Names of the Root Zone Servers
    dig . any | grep 'IN    NS    ' | sed -e's/^.*    NS    //' | sort | uniq >${TMP}/rootnames.txt
    #    Find the Root Zone Servers
    cp /dev/null ${TMP}/bigdig.txt
    cp /dev/null ${TMP}/soadig.txt
    while read i
    dig $i any >>${TMP}/bigdig.txt
    dig $i soa >>${TMP}/soadig.txt
    done <${TMP}/rootnames.txt
    grep 'IN    A    ' <bigdig.txt | tr [:lower:] [:upper:] | sort | uniq >${TMP}/arecords.txt
    sed -e's/^.*    //' <${TMP}/arecords.txt | sort | uniq >${TMP}/ipaddress.txt
    sed -e's/\.[0-9]*\.[0-9]*$/.0.0/' <${TMP}/ipaddress.txt >${TMP}/root16.txt
    sed -e's/.[0-9]*$/.0/' <${TMP}/ipaddress.txt >${TMP}/root24.txt
    #    Route all of the Root Server /24 sub-nets local
    while read i
        route delete -net $i netmask gw
        route delete -net $i netmask gw ${GATEWAY}
        route add -net $i netmask gw ${GATEWAY}
    done <${TMP}/root24.txt
    #    Alias the internal LAN interface to localize the Root Zone
    while read i
        ifconfig ${INTERNAL}:$j $i
        j=`expr $j + 1 `
    done <${TMP}/ipaddress.txt
    [ Reply to This | Parent ]
    Re:Moving the root servers to the edge
    by Anonymous on Monday June 07 2004, @05:20PM (#13721)

    ftp://ftp.n ew.net/domain/bind/root-slave.conf

    // Slave the root zone from a new.net master DNS server.
    zone "." {
      type slave;
      file "root.zone";
      masters {;

    [ Reply to This | Parent ]
    Re:Moving the root servers to the edge
    by Anonymous on Monday June 07 2004, @07:15PM (#13722)
    "Duplicate Address Avoidence: The Linux DHCPD will always ping the address it is about to issue, to make sure that it is not already in use, whilst the Microsoft DHCP Server will purely rely on its own leases database, which does sometimes result in duplicate addresses on the network. "
    Interesting difference, however the end justifies the means. If the goal is "duplicate address avoidence", then this still happens on a Microsoft network. Microsoft OS based DHCP clients will ARP to see if the address is in use beforehand and will not take it if it's active. This also generates a duplicate address alert on the original owners desktop (if configured). I haven't seen one of these alerts in ages.

    [ Reply to This | Parent ]
    Re:Moving the root servers to the edge
    by Anonymous on Monday June 07 2004, @07:52PM (#13723)
    sed -e's/\.[0-9]*\.[0-9]*$/.0.0/' <${TMP}/ipaddress.txt >${TMP}/root16.txt
    sed -e's/.[0-9]*$/.0/' <${TMP}/ipaddress.txt >${TMP}/root24.txt
    #    Create DHCPD config file from root sub-nets
    sed -e's/.[0-9]*$//' <${TMP}/ipaddress.txt >${TMP}/dhcp24.txt
    echo "ddns-update-style ad-hoc;" >dhcpd.txt
    while read i
        echo "subnet" $i.0 "netmask {" >>dhcpd.txt
        echo "range" $i.1 $i.254 ";" >>dhcpd.txt
        SERVER=`grep $i ${TMP}/ipaddress.txt`
        echo "option domain-name-servers " ${SERVER} ";" >>dhcpd.txt
        echo "option routers " ${SERVER} ";" >>dhcpd.txt
        echo "}" >>dhcpd.txt
    done <${TMP}/dhcp24.txt
    [ Reply to This | Parent ]

    Search ICANNWatch.org:

    Privacy Policy: We will not knowingly give out your personal data -- other than identifying your postings in the way you direct by setting your configuration options -- without a court order. All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 by ICANNWatch.Org. This web site was made with Slashcode, a web portal system written in perl. Slashcode is Free Software released under the GNU/GPL license.
    You can syndicate our headlines in .rdf, .rss, or .xml. Domain registration services donated by DomainRegistry.com